| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 5 Jul 2017 15:06:45 -0700
From: Kees Cook <keescook@...omium.org>
To: Baoquan He <bhe@...hat.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
"x86@...nel.org" <x86@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...nel.org>,
Thomas Garnier <thgarnie@...gle.com>, caoj.fnst@...fujitsu.com,
izumi.taku@...fujitsu.com
Subject: Re: [PATCH v2 1/2] x86/boot/KASLR: Adapt process_e820_entry for any
type of memory entry
On Tue, Jul 4, 2017 at 1:04 AM, Baoquan He <bhe@...hat.com> wrote:
> Now function process_e820_entry is only used to process e820 memory
> entries. Adapt it for any type of memory entry, not just for e820.
> Later we will use it to process efi mirror regions.
>
> So rename the old process_e820_entry to process_mem_region, and
> extract and wrap the e820 specific processing code into process_e820_entry.
This mixes changing the structure internals (.addr vs .start) with
changing the processing logic (adding a wrapper). I would prefer this
was done in several stages to make review easier:
1) lift e820 walking into a new function process_e820_entries(), and
move TYPE_RAM logic there.
2) switch process_e820_entry() from struct boot_e820_entry to struct mem_vector.
3) rename (and adjust comments!) of process_e820_entry() into
process_mem_region().
-Kees
>
> Signed-off-by: Baoquan He <bhe@...hat.com>
> ---
> arch/x86/boot/compressed/kaslr.c | 60 ++++++++++++++++++++++------------------
> 1 file changed, 33 insertions(+), 27 deletions(-)
>
> diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
> index 91f27ab970ef..85c360eec4a6 100644
> --- a/arch/x86/boot/compressed/kaslr.c
> +++ b/arch/x86/boot/compressed/kaslr.c
> @@ -479,35 +479,31 @@ static unsigned long slots_fetch_random(void)
> return 0;
> }
>
> -static void process_e820_entry(struct boot_e820_entry *entry,
> +static void process_mem_region(struct mem_vector *entry,
> unsigned long minimum,
> unsigned long image_size)
> {
> struct mem_vector region, overlap;
> struct slot_area slot_area;
> unsigned long start_orig, end;
> - struct boot_e820_entry cur_entry;
> -
> - /* Skip non-RAM entries. */
> - if (entry->type != E820_TYPE_RAM)
> - return;
> + struct mem_vector cur_entry;
>
> /* On 32-bit, ignore entries entirely above our maximum. */
> - if (IS_ENABLED(CONFIG_X86_32) && entry->addr >= KERNEL_IMAGE_SIZE)
> + if (IS_ENABLED(CONFIG_X86_32) && entry->start >= KERNEL_IMAGE_SIZE)
> return;
>
> /* Ignore entries entirely below our minimum. */
> - if (entry->addr + entry->size < minimum)
> + if (entry->start + entry->size < minimum)
> return;
>
> /* Ignore entries above memory limit */
> - end = min(entry->size + entry->addr, mem_limit);
> - if (entry->addr >= end)
> + end = min(entry->size + entry->start, mem_limit);
> + if (entry->start >= end)
> return;
> - cur_entry.addr = entry->addr;
> - cur_entry.size = end - entry->addr;
> + cur_entry.start = entry->start;
> + cur_entry.size = end - entry->start;
>
> - region.start = cur_entry.addr;
> + region.start = cur_entry.start;
> region.size = cur_entry.size;
>
> /* Give up if slot area array is full. */
> @@ -522,7 +518,7 @@ static void process_e820_entry(struct boot_e820_entry *entry,
> region.start = ALIGN(region.start, CONFIG_PHYSICAL_ALIGN);
>
> /* Did we raise the address above this e820 region? */
> - if (region.start > cur_entry.addr + cur_entry.size)
> + if (region.start > cur_entry.start + cur_entry.size)
> return;
>
> /* Reduce size by any delta from the original address. */
> @@ -562,12 +558,31 @@ static void process_e820_entry(struct boot_e820_entry *entry,
> }
> }
>
> -static unsigned long find_random_phys_addr(unsigned long minimum,
> - unsigned long image_size)
> +static void process_e820_entry(unsigned long minimum, unsigned long image_size)
> {
> int i;
> - unsigned long addr;
> + struct mem_vector region;
> + struct boot_e820_entry *entry;
> +
> + /* Verify potential e820 positions, appending to slots list. */
> + for (i = 0; i < boot_params->e820_entries; i++) {
> + entry = &boot_params->e820_table[i];
> + /* Skip non-RAM entries. */
> + if (entry->type != E820_TYPE_RAM)
> + continue;
> + region.start = entry->addr;
> + region.size = entry->size;
> + process_mem_region(®ion, minimum, image_size);
> + if (slot_area_index == MAX_SLOT_AREA) {
> + debug_putstr("Aborted e820 scan (slot_areas full)!\n");
> + break;
> + }
> + }
> +}
>
> +static unsigned long find_random_phys_addr(unsigned long minimum,
> + unsigned long image_size)
> +{
> /* Check if we had too many memmaps. */
> if (memmap_too_large) {
> debug_putstr("Aborted e820 scan (more than 4 memmap= args)!\n");
> @@ -577,16 +592,7 @@ static unsigned long find_random_phys_addr(unsigned long minimum,
> /* Make sure minimum is aligned. */
> minimum = ALIGN(minimum, CONFIG_PHYSICAL_ALIGN);
>
> - /* Verify potential e820 positions, appending to slots list. */
> - for (i = 0; i < boot_params->e820_entries; i++) {
> - process_e820_entry(&boot_params->e820_table[i], minimum,
> - image_size);
> - if (slot_area_index == MAX_SLOT_AREA) {
> - debug_putstr("Aborted e820 scan (slot_areas full)!\n");
> - break;
> - }
> - }
> -
> + process_e820_entry(minimum, image_size);
> return slots_fetch_random();
> }
>
> --
> 2.5.5
>
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists